Ashley Madison’s parent company settles with FTC for $1.6 million over massive hack that exposed 32 million people

source
Getty Images

The Toronto-based parent company of the website Ashley Madison has settled with the US Federal Trade Commission for $1.6 million over allegations the company misled consumers and did little to secure private information on its users.

As part of the settlement, ruby Corp. (the “ruby” is intentionally lower case) did not admit or deny the allegations made by the FTC and various states’ attorneys-general.

Half of the settlement will be paid out to the FTC, while the other half goes to states who participated in the settlement.

“Today is a pivotal day for our members and for Ashley Madison,” Rob Segal, ruby CEO, said in a statement. “Today’s settlement closes an important chapter on the company’s past and reinforces our commitment to operating with integrity and to building a new future for our members, our team and our company.”

Now rebranded as ruby Corp., the company formerly known as Avid Life Media was the subject of a “highly critical”review by Australian government investigators in August. It’s also still enduring multiple legal battles since the massive breach of its database in July 2015 exposed the identities of some32 million users.

Segal and company president James Millership have been on the job for less than a year, after being brought in to turn around the beleaguered company previously led by CEO Noel Biderman. Biderman resigned soon after the data breach, which exposed customer data and many of his own embarrassing emails, including some that suggested he was having affairs himself, according to Buzzfeed News.

Since July, Ashley Madison has undergone a number of changes to win users back. One of the most notable was its pivot away from infidelity. Instead of the tagline “Life’s short. Have an affair,” it’s website now says simply: “Find your moment.”

The new leadership team also brought in outside cybersecurity experts from Deloitte to beef up its infrastructure, implemented more secure credit card processing, and did away with fake female profiles that had been widespread across the site. An audit by Ernst & Young confirmed that they had indeed been removed.

Ruby boasted in October that roughly 17 million people had signed up for the site after it was hacked, and its own employee ranks have grown 40%.